The Nomad token bridge appears to have experienced a security exploit that has allowed hackers to systematically drain the bridge’s funds over a long series of transactions.
Nearly the entire $190.7 million in crypto has been removed from the bridge, with only $651.54 left remaining in the wallet, according to decentralized finance (DeFi) tracking platform DeFi Llama.
Nomad bridge is getting drained, your funds might be at risk and might be able to still withdraw the remaining funds ⚠️ https://t.co/RgYmjSV9eB
The first suspicious transaction, which may have been the genesis of the ongoing exploit, came at 9:32pm UTC when someone managed to remove 100 Wrapped Bitcoin (WBTC) worth about $2.3 million tokens from the bridge.
Shortly after the community raised alarm bells over the potential exploit, the Nomad team confirmed at 11:35pm UTC that it was aware of the "incident involving the Nomad token bridge" adding it is "currently investigating the incident." The team did not immediately respond to a request for comment.
We are aware of the incident involving the Nomad token bridge. We are currently investigating and will provide updates when we have them.
The incident has seen WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL), and Charli3 (C3) tokens taken from the bridge.
Exploiters removed tokens in an unusual fashion as each token was removed in nearly equivalent denominations. For example, transactions with exactly 202,440.725413 USDC were executed over 200 times.
Nomad is a token bridge that allows transfers of tokens between Avalanche (AVAX), ethereum (ETH), Evmos (EVMOS),
Read more on cointelegraph.com